public static function accessiblePermissions()
{
if (self::$_accessible_permissions === null) {
self::$_accessible_permissions = Config::inst()->get('SubsiteExtension', 'edit_permissions');
}
return self::$_accessible_permissions;
}
static function accessible_sites_map($refresh = false)
{
if (!$refresh && self::$_accessible_sites_map_cache) {
return self::$_accessible_sites_map_cache;
}
$subsites = Subsite::accessible_sites("CMS_ACCESS_CMSMain");
$subsitesMap = array();
if ($subsites && $subsites->Count()) {
$subsitesMap = $subsites->map('ID', 'Title');
}
self::$_accessible_sites_map_cache = $subsitesMap;
return self::$_accessible_sites_map_cache;
}
/**
* Only allow editing of a page if the member satisfies one of the following conditions:
* - Is in a group which has access to the subsite this page belongs to
* - Is in a group with edit permissions on the "main site"
*
* @return boolean
*/
public function canEdit($member = null)
{
// If no subsite ID is defined, let dataobject determine the permission
if (!$this->owner->SubsiteList || !Subsite::currentSubsiteID()) {
return null;
}
if ($this->owner->SubsiteList) {
$subsiteIDs = $this->listSubsiteIDs();
} else {
// The relationships might not be available during the record creation when using a GridField.
// In this case the related objects will have empty fields, and SubsiteID will not be available.
//
// We do the second best: fetch the likely SubsiteID from the session. The drawback is this might
// make it possible to force relations to point to other (forbidden) subsites.
$subsiteIDs = array(Subsite::currentSubsiteID());
}
if (!$member) {
$member = Member::currentUser();
}
// Find the sites that this user has access to
if ($member->ID == Member::currentUserID()) {
$goodSites = SubsiteDataObject::accessible_sites_ids();
} else {
$goodSites = Subsite::accessible_sites('CMS_ACCESS_CMSMain', true, 'all', $member)->column('ID');
}
// Return true if they have access to this object's site
if (in_array(0, $goodSites)) {
return true;
//if you can edit main site, you can edit subsite
}
foreach ($subsiteIDs as $id) {
if (in_array($id, $goodSites)) {
return true;
}
}
return false;
}